Go to file
Christoph Haas 793c2fc27e remove unnecessary script and css files 2020-12-02 19:26:18 +01:00
assets remove unnecessary script and css files 2020-12-02 19:26:18 +01:00
cmd/wg-portal initial commit 2020-11-05 19:37:51 +01:00
internal auto create account, sync ldap disabled flag 2020-11-16 22:39:41 +01:00
scripts fix goss check 2020-11-13 09:44:25 +01:00
.gitignore Update .gitignore 2020-11-10 11:12:34 +01:00
.travis.yml user dockerhub for image building and travis-ci for testing 2020-11-10 12:24:18 +01:00
Dockerfile fix goss check 2020-11-13 09:10:21 +01:00
LICENSE.txt add README and LICENSE 2020-11-16 23:13:15 +01:00
Makefile wip: docker and travis 2020-11-10 11:06:04 +01:00
README.md add README and LICENSE 2020-11-16 23:13:15 +01:00
docker-compose.yml user dockerhub for image building and travis-ci for testing 2020-11-10 12:24:37 +01:00
go.mod many small improvements 2020-11-10 22:23:05 +01:00
screenshot.png add README and LICENSE 2020-11-16 23:13:15 +01:00

README.md

WireGuard Portal

Build Status License: MIT GitHub last commit GitHub go.mod Go version GitHub code size in bytes

A simple web base configuration portal for WireGuard. The portal uses the WireGuard wgctrl library to manage the VPN interface. This allows for seamless activation or deactivation of new users, without disturbing existing VPN connections.

The configuration portal is designed to use LDAP (Active Directory) as a user source for authentication and profile data. It still can be used without LDAP by using a predefined administrator account. Some features like mass creation of accounts will only be available in combination with LDAP.

Features

  • Self-hosted and web based
  • Automatically select IP from the network pool assigned to client
  • QR-Code for convenient mobile client configuration
  • Sent email to client with QR-code and client config
  • Enable / Disable clients seamlessly
  • Generation of wgX.conf after any modification
  • IPv6 ready
  • User authentication (LDAP and/or predefined admin account)
  • Dockerized
  • Responsive template

Screenshot

Setup

Docker

The easiest way to run WireGuard Portal is using the provided docker image.

Docker compose snippet, used for demo server

version: '3.6'
services:
  wg-portal:
    image: h44z/wg-portal:latest
    container_name: wg-portal
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
    network_mode: "host"
    volumes:
      - /etc/wireguard:/etc/wireguard
      - ./data:/app/data
    ports:
      - '8123:8123'
    environment:
      - EXTERNAL_URL=https://vpn.company.com
      - WEBSITE_TITLE=WireGuard VPN
      - COMPANY_NAME=Your Company Name
      - MAIL_FROM=WireGuard VPN <noreply+wireguard@company.com>
      - ADMIN_USER=admin  # optional admin user
      - ADMIN_PASS=supersecret
      - ADMIN_LDAP_GROUP=CN=WireGuardAdmins,OU=Users,DC=COMPANY,DC=LOCAL
      - EMAIL_HOST=10.10.10.10
      - EMAIL_PORT=25
      - LDAP_URL=ldap://srv-ad01.company.local:389
      - LDAP_BASEDN=DC=COMPANY,DC=LOCAL
      - LDAP_USER=ldap_wireguard@company.local
      - LDAP_PASSWORD=supersecretldappassword

Please note that mapping /etc/wireguard to /etc/wireguard inside the docker, will erase your host's current configuration. If needed, please make sure to backup your files from /etc/wireguard. For a full list of configuration options take a look at the source file internal/common/configuration.go.

Standalone

For a standalone application, use the Makefile provided in the repository to build the application.

make

The compiled binary and all necessary assets will be located in the dist folder.

What is out of scope

  • Generation or application of any iptables or nftables rules
  • Setting up or changing IP-addresses of the WireGuard interface

Application stack

License

This project was inspired by wg-gen-web.